Student Focus – WhatsApp Security

This is a guest post by Aleksandr Mylnikov, who did his semester project under JP Aumasson during his master's at EPFL, co-supervised by Prof. Arjen Lenstra. This post summarizes part of his work, thanks Alex! This part-time research project started in February 2017 and finished middle of June 2017. The goal was to understand WhatsApp's network architecture … Continue reading Student Focus – WhatsApp Security

Crypto challenge, 10 Ether of prizes

Kudelski Security is launching a new crypto challenge for Black Hat. It starts today and ends on July 25th at our private party in Las Vegas. The challenge and instructions are available at https://github.com/kudelskisecurity/cryptochallenge17. In short, here's how it works: We give you the code of a service running on some remote host. As you'll find out, … Continue reading Crypto challenge, 10 Ether of prizes

Meet Us in Vegas

For the yearly migration to the insanity of Vegas infosec and hacking conferences, we're coming with some new research that we'll present at all the three sacred sites: Black Hat, then BSides, and finally at Defcon's Crypto Village. Automated Testing of Crypto Software Using Differential Fuzzing is a joint work with Yolan Romailler, whose masters … Continue reading Meet Us in Vegas

Installing WireGuard, the Modern VPN

Co-authored by tmlxs and adr13n WireGuard is a network tunnel (VPN) for IPv4 and IPv6 that uses UDP.  Currently most of the code resides in the Linux kernel but cross platform implementations are under way. WireGuard features an authentication scheme similar to that of SSH, whereby the VPN server and each client have their own asymmetric key pair. Authorizing … Continue reading Installing WireGuard, the Modern VPN

Should Curve25519 keys be validated?

While analyzing Signal with Markus, I noticed that Signal's Curve25519-based ECDH doesn't validate public keys, and in particular will accept the 0 point as a public key—leading to a shared secret equivalent to 0 regardless of the value of the private key scalar. In contrast, libsodium will return an error if the shared secret happens … Continue reading Should Curve25519 keys be validated?

Auditing code for crypto flaws: the first 30 minutes

Auditing your code for proper crypto use is extremely important.  However, what if it's not generally your focus?  If your job today is to find flaws in the cryptographic components of application א, where should you start? I like to start an audit by checking which crypto primitives are used. This often gives you an idea of … Continue reading Auditing code for crypto flaws: the first 30 minutes

How (not) to break your (EC)DSA

During an internal project pertaining to automated cryptographic testing, we discovered that many implementations don't respect standard specifications, especially signature algorithms. Let us take a deeper look into it. We will mostly discuss the DSA and ECDSA algorithms and their respective domains and parameters. It is important to know that both of those digital signature … Continue reading How (not) to break your (EC)DSA